Password Change action allows a user to change their current password to a new one. This process is implemented to enhance user security, ensure that old passwords are deactivated, and improve in-app access security.

Technical Specifications

Password Update: The user verifies their current password, then updates their record in the system by setting a new password.
Notification Setting: Email notification after password change is optional.
Language Support: The language to be used during the password change process can be specified.
Web & Mobile Compatibility: The action is supported on both web and mobile applications.

Password Change Action Application Steps

Log in to the Kuika platform.
Open your project from the Apps screen.
Go to the UI Design module.
Open the Properties panel on the right side.
Select the component that will trigger the password change process (e.g., ‘Update Password’ button).

From the + ADD ACTION menu, add the Authorisation > Password Change action according to the desired trigger event (Initial Actions, OnClick, OnBlur, etc.).

Parameter Configuration

Required Parameters:

Current Password (String):
- The user's current registered password.
- It is usually defined using data sources such as Action Result, Current, Form Component, Screen Input or Fixed, and can be linked via the Symbol Picker.
New Password (String):
- The new password the user wants to set.
- It is usually defined using data sources such as Action Result, Current, Form Component, Screen Input or Fixed, and can be linked via the Symbol Picker.

Optional Parameters:

Don't Send Email (Boolean): Select true if you do not want to send an email notification when the password is changed.
- It is usually defined using data sources such as Action Result, Current, Form Component, Screen Input or Fixed and can be linked via the Symbol Picker.
Language (String): Specifies the user's preferred language code. Example: tr, en, fr
- It is usually defined using data sources such as Action Result, Current, Form Component, Screen Input or Fixed and can be linked via the Symbol Picker.

Usage Scenario: User Changing Password from Profile Page

A user wants to update their current password on the ‘Profile Settings’ screen within the application. The user first enters their old password and then completes the process by setting a new password.

Application Flow:

Element: Change Password button
Trigger: OnClick
Action: Authorisation → Password Change

Parameter Assignments:

Current Password
New Password
Don't Send Email → false
Language → ‘tr’

After successfully changing their current password to a new one, the user continues their session within the application without interruption.

Password Change Action Advanced Customisations

The Password Change action used in the Kuika platform allows users to securely change their current passwords. Beyond the basic functionality, various customisations and security measures can be applied to the password change process:

1. Form Validation (Field Consistency): The ‘New Password’ and ‘New Password (Repeat)’ fields in the password update form can be linked to each other using the Condition property. This allows you to check whether the two fields match before the Password Change action is triggered. If the validation fails, the process is stopped; if successful, the password change process is initiated.

2. Password Security Level Control: Various rules can be applied to ensure that the new password is strong. For example:

Minimum character length (e.g. at least 8 characters)
Must contain at least one uppercase letter, one lowercase letter, one number, and one special character

These checks can be performed using Condition expressions defined on user inputs. Processes can be blocked for passwords with weak security levels, and appropriate warnings can be displayed to the user.

3. Conditional Warning Display: When the password is successfully changed, the user can be notified using the Notify action. This notification can be configured, for example, as ‘Your password has been successfully updated.’ Similarly, it is possible to display an error message when the operation fails.

Technical Risks and Controls

Invalid Old Password: If the user enters their current password incorrectly, the system rejects the password change. An error message should be added if necessary.
Weak New Password: Values that do not comply with password policies should be prevented (minimum length, complexity rules, etc.).
Repeated Password Use: The new password must not be the same as the old password. This should be prevented with control logic.

Password Change Action is a security step that enables users to change their system passwords to increase security. It can be easily implemented via the UI and customized with optional parameters. When used in conjunction with a strong password policy, it significantly increases application security.